0 
foreach (string str in TestWords)
{
  //spam
  SqlCommand cmd6 = new SqlCommand("select count from keys,files,folders where keys.fileid=files.id and keys.kname='" + str + "' and files.spam=1 and folders.id<>" + FolIter + " and files.folderid<>" + FolIter + " and files.id='" + s[0].ToString + "'", cn);
  int i6 = Convert.ToInt16(cmd6.ExecuteScalar());
  double temp = Convert.ToDouble((i6 + 1) / (i7 + i8));
  //non spam

  **error**

  SqlCommand cmd9 = new SqlCommand("select count from keys,files,folders where keys.fileid=files.id and keys.kname='" 
    + str 
    + "' and files.spam=0 and folders.id<>"
    + FolIter
    + " and files.folderid<>" 
    + FolIter 
    + " and files.id='" 
    + s[0].ToString 
    + "'", cn);
  int i9 = Convert.ToInt16(cmd9.ExecuteScalar());
  temp2 = Convert.ToDouble((i9 + 1) / (i7 + i8));
  Sdoc = Convert.ToDouble(Sdoc * temp);
  NsDoc = Convert.ToDouble(NsDoc * temp2);
}

The error iam getting is:Operator '+' cannot be applied to operands of type 'string' and 'method group'

Improve this question
3
  • Supplying what line the error is occuring would be helpfull, and the rest of the scope. Commented Sep 7, 2010 at 12:03
  • 2
    Two things: 1) what is FolIter, and 2) (and this one is important): do some reading on SQL Injection (start here, for instance: msdn.microsoft.com/en-us/magazine/cc163917.aspx), and the steps to take to avoid it. Your code is wide open for such attacks. Commented Sep 7, 2010 at 12:06
  • Slightly better now that its been formated ;). I can only hope, you have a type-o, and actually have () after ToString . Commented Sep 7, 2010 at 12:08

3 Answers 3

Reset to default
8

You have to call the method:

s[0].ToString()
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

5

As Nix, Femaref and Azhar mentioned, .ToString() is the typo that triggers the error message.

May I suggest to use parameters instead of string concatenation ? This way:

SqlCommand cmd9 = new SqlCommand("select count from keys,files,folders where keys.fileid=files.id and keys.kname=@name and and files.spam=0 and folders.id<>@FolIter and files.folderid<>@FolIter and files.id=@s0", cn);

cmd9.Parameters.Add(new SqlParameter("@name", str));
cmd9.Parameters.Add(new SqlParameter("@FolIter", FolIter));
cmd9.Parameters.Add(new SqlParameter("s0", s0));

By this way, ADO.NET will deal with your variable as is, you wont have to convert them to string to use concatenation, and you wont be exposed to a SQL injection risk.

Improve this answer

Comments

2

You are using method ToString() as Property

change s[0].ToString -> s[0].ToString()

Remember C# does not allow it.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.